Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3136302e302f32312d3234203d3e203138373437.roa
File:                     3138312e37382e3136302e302f32312d3234203d3e203138373437.roa (raw, json)
Hash identifier:          WAwRpTUOQh19+FEDxeQhRPzIwh0gwmdz5gcyqclNbUc=
Subject key identifier:   64:8A:2D:12:4E:02:71:D3:29:8F:9B:E7:FA:FE:78:96:BE:C1:36:CD
Certificate issuer:       /CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
Certificate serial:       6A9069E98CDC894477FB3C019901C8EF2306CC45
Authority key identifier: 99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3136302e302f32312d3234203d3e203138373437.roa
Signing time:             Tue 05 Mar 2024 18:04:55 +0000
ROA not before:           Tue 05 Mar 2024 17:59:55 +0000
ROA not after:            Tue 04 Mar 2025 18:04:55 +0000
asID:                     18747
IP address blocks:        181.78.160.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 22:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:90:69:e9:8c:dc:89:44:77:fb:3c:01:99:01:c8:ef:23:06:cc:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50
        Validity
            Not Before: Mar  5 17:59:55 2024 GMT
            Not After : Mar  4 18:04:55 2025 GMT
        Subject: CN=648A2D124E0271D3298F9BE7FAFE7896BEC136CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ec:9e:4f:cc:2e:27:f6:ce:81:98:c6:f5:a4:
                    fd:d5:6d:b9:e3:9b:50:19:f9:cb:d0:5b:8c:52:03:
                    a4:b7:4c:9a:8f:b4:2e:9a:2e:ae:4a:34:53:43:3c:
                    16:51:4b:17:f6:bb:cf:43:db:6d:8a:4b:0e:6e:fc:
                    83:17:91:9f:b7:32:9e:52:93:53:f3:22:5e:88:24:
                    d8:ab:6f:8c:5c:7a:09:9e:3d:e9:57:f4:9f:7c:54:
                    fa:02:90:ea:10:2c:e7:1e:91:0e:57:fe:31:e5:93:
                    ce:d9:4a:ae:81:56:81:94:21:fb:f8:ea:2d:28:39:
                    66:b0:2e:fd:15:f4:14:16:34:73:5e:ba:41:c8:c7:
                    f3:1e:5d:f0:0a:f1:9d:00:95:4d:58:17:c8:67:a2:
                    37:7b:e8:0f:ac:64:eb:a4:88:05:94:6a:e3:e4:0a:
                    53:92:11:08:7f:d8:5e:4d:a5:d4:7b:de:c1:f5:b0:
                    df:69:21:7f:7f:71:50:90:d9:f7:96:fb:f6:75:6b:
                    42:db:08:85:44:ce:aa:97:bd:f0:19:fc:9c:e2:3f:
                    f0:58:3a:bf:8f:1c:da:92:77:ef:6b:2e:a8:5c:5e:
                    1f:7e:54:dd:8a:ad:0c:ad:e7:70:96:5c:6b:69:f9:
                    c9:b2:36:f8:fb:a4:28:c4:75:f3:45:3c:ec:2d:ff:
                    9d:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:8A:2D:12:4E:02:71:D3:29:8F:9B:E7:FA:FE:78:96:BE:C1:36:CD
            X509v3 Authority Key Identifier:
                keyid:99:D9:23:A2:52:7D:78:CB:CA:1B:C2:B6:B1:5D:AC:0F:1F:6C:7E:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99D923A2527D78CBCA1BC2B6B15DAC0F1F6C7E50.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AABDF4095FE8B22882D20B16DB7D2BFD381C0F9E62C6EB659447D44BE7E1CBC2/0/3138312e37382e3136302e302f32312d3234203d3e203138373437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.78.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         99:2a:26:d7:3f:ee:b8:91:a6:75:dd:12:33:ba:89:8f:fd:85:
         b3:ef:ab:12:3e:23:87:84:08:9e:a4:cb:c8:59:d4:a2:3e:ed:
         11:bb:eb:6b:5c:d3:f1:04:3b:f8:74:a2:35:5a:83:f9:8f:75:
         cb:e4:d0:d2:66:30:43:e1:3f:61:36:0a:f5:ad:06:28:38:8b:
         d6:7b:71:b3:99:c8:0e:83:84:80:2f:57:db:a8:ca:70:c5:b3:
         a3:83:8c:5f:68:b3:f2:ee:c7:eb:14:d1:20:d6:93:8a:c2:71:
         b4:bb:81:ea:5a:d0:b0:7e:42:1b:24:68:d5:6f:2f:76:15:14:
         92:a2:cb:91:b0:c9:26:72:9d:ac:d0:42:09:02:e5:05:bf:0c:
         93:47:6f:8a:56:d0:b6:e2:83:4a:f3:bb:5c:0a:74:1e:df:29:
         03:cd:e3:bb:2d:44:ed:4d:69:c7:d0:cf:30:a6:4a:58:bc:74:
         66:0e:04:f1:fa:e9:a0:67:92:a9:e0:09:19:e2:3b:b7:f4:c8:
         e2:6c:ba:61:f4:c5:ed:24:7b:35:a3:ba:44:c2:ca:19:7e:62:
         56:2a:f4:f9:0a:c4:13:8a:68:be:78:d0:e0:95:cc:c0:19:ff:
         15:e2:b5:59:b6:7b:5d:1c:7f:66:df:1a:dc:fe:4e:d0:1a:ae:
         b0:11:0a:20
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUapBp6YzciUR3+zwBmQHI7yMGzEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlEOTIzQTI1MjdENzhDQkNBMUJDMkI2QjE1REFDMEYx
RjZDN0U1MDAeFw0yNDAzMDUxNzU5NTVaFw0yNTAzMDQxODA0NTVaMDMxMTAvBgNV
BAMTKDY0OEEyRDEyNEUwMjcxRDMyOThGOUJFN0ZBRkU3ODk2QkVDMTM2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu7J5PzC4n9s6BmMb1pP3Vbbnj
m1AZ+cvQW4xSA6S3TJqPtC6aLq5KNFNDPBZRSxf2u89D222KSw5u/IMXkZ+3Mp5S
k1PzIl6IJNirb4xcegmePelX9J98VPoCkOoQLOcekQ5X/jHlk87ZSq6BVoGUIfv4
6i0oOWawLv0V9BQWNHNeukHIx/MeXfAK8Z0AlU1YF8hnojd76A+sZOukiAWUauPk
ClOSEQh/2F5NpdR73sH1sN9pIX9/cVCQ2feW+/Z1a0LbCIVEzqqXvfAZ/JziP/BY
Or+PHNqSd+9rLqhcXh9+VN2KrQyt53CWXGtp+cmyNvj7pCjEdfNFPOwt/50LAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUZIotEk4CcdMpj5vn+v54lr7BNs0wHwYDVR0j
BBgwFoAUmdkjolJ9eMvKG8K2sV2sDx9sflAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQUJERjQwOTVGRThCMjI4ODJEMjBCMTZEQjdEMkJGRDM4
MUMwRjlFNjJDNkVCNjU5NDQ3RDQ0QkU3RTFDQkMyLzAvOTlEOTIzQTI1MjdENzhD
QkNBMUJDMkI2QjE1REFDMEYxRjZDN0U1MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUQ5MjNBMjUyN0Q3OENCQ0Ex
QkMyQjZCMTVEQUMwRjFGNkM3RTUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUFCREY0MDk1RkU4QjIyODgyRDIwQjE2REI3RDJCRkQzODFDMEY5RTYy
QzZFQjY1OTQ0N0Q0NEJFN0UxQ0JDMi8wLzMxMzgzMTJlMzczODJlMzEzNjMwMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzEzODM3MzQzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7VOoDAN
BgkqhkiG9w0BAQsFAAOCAQEAmSom1z/uuJGmdd0SM7qJj/2Fs++rEj4jh4QInqTL
yFnUoj7tEbvra1zT8QQ7+HSiNVqD+Y91y+TQ0mYwQ+E/YTYK9a0GKDiL1ntxs5nI
DoOEgC9X26jKcMWzo4OMX2iz8u7H6xTRINaTisJxtLuB6lrQsH5CGyRo1W8vdhUU
kqLLkbDJJnKdrNBCCQLlBb8Mk0dvilbQtuKDSvO7XAp0Ht8pA83juy1E7U1px9DP
MKZKWLx0Zg4E8frpoGeSqeAJGeI7t/TI4my6YfTF7SR7NaO6RMLKGX5iVir0+QrE
E4povnjQ4JXMwBn/FeK1WbZ7XRx/Zt8a3P5O0BqusBEKIA==
-----END CERTIFICATE-----